npm - @devtrack-solution/codesdd - Versions diffs - 1.2.2 → 1.2.3 - Mend

@devtrack-solution/codesdd 1.2.2 → 1.2.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (345) hide show

package/.sdd/skills/curated/api-clean-flask-langgraph/SKILL.md +17 -17
package/.sdd/skills/curated/devtrack-api/SKILL.md +160 -28
package/.sdd/skills/curated/devtrack-api/agents/openai.yaml +1 -1
package/.sdd/skills/curated/devtrack-api/references/architecture-governance.md +8 -7
package/.sdd/skills/curated/devtrack-api/references/consumer-sync-policy.md +93 -0
package/.sdd/skills/curated/devtrack-api/references/contract-pack.yaml +317 -0
package/.sdd/skills/curated/devtrack-api/references/field-validation-protocol.md +95 -0
package/.sdd/skills/curated/devtrack-api/references/foundation-layout.md +295 -0
package/.sdd/skills/curated/devtrack-api/references/implementation-checklist.md +4 -4
package/.sdd/skills/curated/devtrack-api/references/imports-lint.md +4 -0
package/.sdd/skills/curated/devtrack-api/references/testing-validation.md +2 -2
package/LICENSE +1 -1
package/README.md +243 -51
package/bin/codesdd.js +3 -2
package/dist/cli/index.d.ts +2 -2
package/dist/cli/index.js +11 -558
package/dist/cli/program.d.ts +14 -0
package/dist/cli/program.js +645 -0
package/dist/commands/change.js +5 -5
package/dist/commands/completion.d.ts +1 -1
package/dist/commands/completion.js +9 -2
package/dist/commands/config.js +159 -20
package/dist/commands/feedback.js +1 -1
package/dist/commands/schema.d.ts +63 -0
package/dist/commands/schema.js +12 -12
package/dist/commands/sdd/backlog.d.ts +3 -0
package/dist/commands/sdd/backlog.js +54 -0
package/dist/commands/sdd/execution.js +147 -16
package/dist/commands/sdd/plugin.d.ts +3 -0
package/dist/commands/sdd/plugin.js +153 -0
package/dist/commands/sdd/shared.js +2 -23
package/dist/commands/sdd/skills.js +7 -0
package/dist/commands/sdd.js +69 -12
package/dist/commands/spec.js +9 -9
package/dist/commands/validate.js +6 -6
package/dist/commands/workflow/instructions.js +6 -6
package/dist/commands/workflow/new-change.js +3 -3
package/dist/commands/workflow/shared.d.ts +1 -1
package/dist/commands/workflow/shared.js +4 -4
package/dist/core/archive.js +15 -5
package/dist/core/artifact-graph/instruction-loader.d.ts +1 -1
package/dist/core/artifact-graph/instruction-loader.js +3 -3
package/dist/core/artifact-graph/resolver.d.ts +4 -4
package/dist/core/artifact-graph/resolver.js +6 -6
package/dist/core/branding.js +3 -3
package/dist/core/cli/command-matrix.js +10 -1
package/dist/core/cli-command-quality.d.ts +27 -0
package/dist/core/cli-command-quality.js +171 -0
package/dist/core/command-generation/adapters/costrict.d.ts +1 -1
package/dist/core/command-generation/adapters/costrict.js +2 -2
package/dist/core/command-generation/types.d.ts +1 -1
package/dist/core/completions/command-registry.d.ts +1 -1
package/dist/core/completions/command-registry.js +155 -12
package/dist/core/completions/completion-provider.d.ts +14 -1
package/dist/core/completions/completion-provider.js +29 -1
package/dist/core/completions/generators/bash-generator.d.ts +1 -1
package/dist/core/completions/generators/bash-generator.js +20 -12
package/dist/core/completions/generators/fish-generator.d.ts +9 -1
package/dist/core/completions/generators/fish-generator.js +39 -25
package/dist/core/completions/generators/powershell-generator.d.ts +1 -1
package/dist/core/completions/generators/powershell-generator.js +21 -11
package/dist/core/completions/generators/zsh-generator.d.ts +3 -6
package/dist/core/completions/generators/zsh-generator.js +21 -42
package/dist/core/completions/installers/bash-installer.js +6 -6
package/dist/core/completions/installers/fish-installer.js +1 -1
package/dist/core/completions/installers/powershell-installer.js +14 -14
package/dist/core/completions/installers/zsh-installer.d.ts +7 -1
package/dist/core/completions/installers/zsh-installer.js +36 -8
package/dist/core/completions/templates/bash-templates.d.ts +1 -1
package/dist/core/completions/templates/bash-templates.js +12 -6
package/dist/core/completions/templates/fish-templates.d.ts +2 -2
package/dist/core/completions/templates/fish-templates.js +20 -9
package/dist/core/completions/templates/powershell-templates.d.ts +1 -1
package/dist/core/completions/templates/powershell-templates.js +13 -4
package/dist/core/completions/templates/zsh-templates.d.ts +1 -1
package/dist/core/completions/templates/zsh-templates.js +18 -9
package/dist/core/config-schema.d.ts +3 -1
package/dist/core/config-schema.js +26 -1
package/dist/core/config.d.ts +3 -3
package/dist/core/config.js +4 -4
package/dist/core/global-config.d.ts +41 -12
package/dist/core/global-config.js +344 -27
package/dist/core/index.d.ts +1 -1
package/dist/core/index.js +2 -2
package/dist/core/init.d.ts +6 -1
package/dist/core/init.js +99 -77
package/dist/core/legacy-cleanup.d.ts +17 -17
package/dist/core/legacy-cleanup.js +96 -79
package/dist/core/list.js +18 -4
package/dist/core/migration.d.ts +3 -1
package/dist/core/migration.js +7 -8
package/dist/core/parsers/change-parser.js +1 -1
package/dist/core/parsers/markdown-parser.js +2 -2
package/dist/core/profile-sync-drift.d.ts +1 -1
package/dist/core/profile-sync-drift.js +13 -13
package/dist/core/project-config.d.ts +4 -4
package/dist/core/project-config.js +11 -11
package/dist/core/schemas/change.schema.d.ts +1 -1
package/dist/core/schemas/change.schema.js +1 -1
package/dist/core/schemas/spec.schema.d.ts +1 -1
package/dist/core/schemas/spec.schema.js +1 -1
package/dist/core/sdd/adr.js +23 -1
package/dist/core/sdd/agent-binding.d.ts +346 -0
package/dist/core/sdd/agent-binding.js +343 -0
package/dist/core/sdd/backlog-cli.d.ts +16 -0
package/dist/core/sdd/backlog-cli.js +146 -0
package/dist/core/sdd/backlog-conflict-policy.d.ts +58 -0
package/dist/core/sdd/backlog-conflict-policy.js +230 -0
package/dist/core/sdd/backlog-projection.d.ts +8 -0
package/dist/core/sdd/backlog-projection.js +89 -0
package/dist/core/sdd/backlog-provider-contract.d.ts +252 -0
package/dist/core/sdd/backlog-provider-contract.js +158 -0
package/dist/core/sdd/bootstrap.js +2 -2
package/dist/core/sdd/check.d.ts +42 -0
package/dist/core/sdd/check.js +22 -22
package/dist/core/sdd/contract.d.ts +13 -0
package/dist/core/sdd/contract.js +36 -0
package/dist/core/sdd/coordination/coordination-adapters.d.ts +38 -0
package/dist/core/sdd/coordination/coordination-adapters.js +139 -1
package/dist/core/sdd/deepagent-contracts.d.ts +276 -0
package/dist/core/sdd/deepagent-contracts.js +173 -0
package/dist/core/sdd/deepagents/adr-governor.d.ts +2 -0
package/dist/core/sdd/deepagents/adr-governor.js +30 -0
package/dist/core/sdd/deepagents/backend.d.ts +63 -0
package/dist/core/sdd/deepagents/backend.js +174 -0
package/dist/core/sdd/deepagents/codesdd-tools.d.ts +39 -0
package/dist/core/sdd/deepagents/codesdd-tools.js +83 -0
package/dist/core/sdd/deepagents/evidence-mapper.d.ts +86 -0
package/dist/core/sdd/deepagents/evidence-mapper.js +178 -0
package/dist/core/sdd/deepagents/model-provider.d.ts +53 -0
package/dist/core/sdd/deepagents/model-provider.js +379 -0
package/dist/core/sdd/deepagents/policy-enforcement.d.ts +30 -0
package/dist/core/sdd/deepagents/policy-enforcement.js +90 -0
package/dist/core/sdd/deepagents/policy.d.ts +75 -0
package/dist/core/sdd/deepagents/policy.js +358 -0
package/dist/core/sdd/deepagents/quality-witness.d.ts +3 -0
package/dist/core/sdd/deepagents/quality-witness.js +77 -0
package/dist/core/sdd/deepagents/reversa-subagents.d.ts +75 -0
package/dist/core/sdd/deepagents/reversa-subagents.js +182 -0
package/dist/core/sdd/deepagents/runtime-factory.d.ts +90 -0
package/dist/core/sdd/deepagents/runtime-factory.js +231 -0
package/dist/core/sdd/deepagents/runtime-loader.d.ts +16 -0
package/dist/core/sdd/deepagents/runtime-loader.js +65 -0
package/dist/core/sdd/default-bootstrap-files.d.ts +2 -2
package/dist/core/sdd/default-bootstrap-files.js +36 -2
package/dist/core/sdd/default-skills.d.ts +30 -0
package/dist/core/sdd/default-skills.js +181 -5
package/dist/core/sdd/devtrack-api-appliance.d.ts +84 -0
package/dist/core/sdd/devtrack-api-appliance.js +257 -0
package/dist/core/sdd/devtrack-api-architecture.d.ts +31 -0
package/dist/core/sdd/devtrack-api-architecture.js +608 -0
package/dist/core/sdd/devtrack-api-import-boundary.d.ts +19 -0
package/dist/core/sdd/devtrack-api-import-boundary.js +32 -0
package/dist/core/sdd/diagnose.d.ts +59 -0
package/dist/core/sdd/diagnose.js +37 -37
package/dist/core/sdd/docs-sync.js +33 -5
package/dist/core/sdd/domain/post-active-validation.d.ts +7 -0
package/dist/core/sdd/domain/post-active-validation.js +61 -0
package/dist/core/sdd/domain/transition-engine.js +1 -0
package/dist/core/sdd/entity-reference.d.ts +5 -0
package/dist/core/sdd/entity-reference.js +22 -0
package/dist/core/sdd/governance-backfill.d.ts +31 -0
package/dist/core/sdd/governance-backfill.js +359 -0
package/dist/core/sdd/governance-parser.d.ts +21 -0
package/dist/core/sdd/governance-parser.js +91 -0
package/dist/core/sdd/governance-schemas.d.ts +245 -0
package/dist/core/sdd/governance-schemas.js +143 -0
package/dist/core/sdd/{import-openspec.d.ts → import-legacy-spec.d.ts} +7 -7
package/dist/core/sdd/{import-openspec.js → import-legacy-spec.js} +21 -29
package/dist/core/sdd/init.d.ts +3 -0
package/dist/core/sdd/init.js +6 -3
package/dist/core/sdd/json-schema.js +100 -6
package/dist/core/sdd/knowledge-graph.d.ts +45 -0
package/dist/core/sdd/knowledge-graph.js +288 -0
package/dist/core/sdd/legacy-operations.js +431 -43
package/dist/core/sdd/lenses.d.ts +1 -0
package/dist/core/sdd/lenses.js +29 -1
package/dist/core/sdd/migrate-workspace.js +56 -2
package/dist/core/sdd/migrate.d.ts +1 -1
package/dist/core/sdd/migrate.js +36 -2
package/dist/core/sdd/package-structure-gate.d.ts +83 -0
package/dist/core/sdd/package-structure-gate.js +362 -0
package/dist/core/sdd/parallel-feat-automation.d.ts +152 -0
package/dist/core/sdd/parallel-feat-automation.js +212 -0
package/dist/core/sdd/plugin-broker.d.ts +558 -0
package/dist/core/sdd/plugin-broker.js +482 -0
package/dist/core/sdd/plugin-certification.d.ts +79 -0
package/dist/core/sdd/plugin-certification.js +453 -0
package/dist/core/sdd/plugin-cli.d.ts +109 -0
package/dist/core/sdd/plugin-cli.js +198 -0
package/dist/core/sdd/plugin-evidence.d.ts +275 -0
package/dist/core/sdd/plugin-evidence.js +307 -0
package/dist/core/sdd/plugin-manifest.d.ts +164 -0
package/dist/core/sdd/plugin-manifest.js +215 -0
package/dist/core/sdd/plugin-policy-pack.d.ts +88 -0
package/dist/core/sdd/plugin-policy-pack.js +236 -0
package/dist/core/sdd/plugin-policy.d.ts +68 -0
package/dist/core/sdd/plugin-policy.js +212 -0
package/dist/core/sdd/plugin-registry.d.ts +311 -0
package/dist/core/sdd/plugin-registry.js +138 -0
package/dist/core/sdd/plugin-skill-binding.d.ts +151 -0
package/dist/core/sdd/plugin-skill-binding.js +339 -0
package/dist/core/sdd/quality-artifact-manifest-validator.d.ts +28 -0
package/dist/core/sdd/quality-artifact-manifest-validator.js +167 -0
package/dist/core/sdd/quality-evidence-renderer.d.ts +65 -0
package/dist/core/sdd/quality-evidence-renderer.js +218 -0
package/dist/core/sdd/quality-scenario-runner.d.ts +42 -0
package/dist/core/sdd/quality-scenario-runner.js +613 -0
package/dist/core/sdd/quality-validation.d.ts +547 -0
package/dist/core/sdd/quality-validation.js +239 -0
package/dist/core/sdd/resolve-project-root.d.ts +2 -2
package/dist/core/sdd/resolve-project-root.js +11 -5
package/dist/core/sdd/sanitize.d.ts +30 -1
package/dist/core/sdd/sanitize.js +23 -23
package/dist/core/sdd/services/agent-run.service.d.ts +65 -0
package/dist/core/sdd/services/agent-run.service.js +189 -0
package/dist/core/sdd/services/breakdown.service.js +2 -1
package/dist/core/sdd/services/context.service.js +18 -16
package/dist/core/sdd/services/debate.service.js +15 -2
package/dist/core/sdd/services/feature-lint.service.d.ts +22 -0
package/dist/core/sdd/services/feature-lint.service.js +105 -5
package/dist/core/sdd/services/finalize.service.d.ts +80 -0
package/dist/core/sdd/services/finalize.service.js +323 -24
package/dist/core/sdd/services/frontend-gap.service.js +22 -7
package/dist/core/sdd/services/governance-control-plane-runtime-adapters.d.ts +17 -0
package/dist/core/sdd/services/governance-control-plane-runtime-adapters.js +38 -0
package/dist/core/sdd/services/governance-control-plane.service.d.ts +66 -0
package/dist/core/sdd/services/governance-control-plane.service.js +134 -0
package/dist/core/sdd/services/ingest-deposito.service.js +1 -1
package/dist/core/sdd/services/legacy-capability.service.d.ts +10 -7
package/dist/core/sdd/services/legacy-capability.service.js +38 -21
package/dist/core/sdd/services/mcp-runtime.service.d.ts +123 -8
package/dist/core/sdd/services/mcp-runtime.service.js +1085 -33
package/dist/core/sdd/services/onboard.service.js +2 -1
package/dist/core/sdd/services/rebuild.service.js +6 -1
package/dist/core/sdd/services/skills-sync.service.d.ts +17 -5
package/dist/core/sdd/services/skills-sync.service.js +55 -2
package/dist/core/sdd/services/start.service.js +6 -4
package/dist/core/sdd/skill-bundles-curation-schema.d.ts +66 -0
package/dist/core/sdd/skill-bundles-curation-schema.js +52 -0
package/dist/core/sdd/skill-evidence.d.ts +19 -0
package/dist/core/sdd/skill-evidence.js +38 -0
package/dist/core/sdd/skill-policy-pool.d.ts +46 -0
package/dist/core/sdd/skill-policy-pool.js +185 -0
package/dist/core/sdd/state.d.ts +22 -0
package/dist/core/sdd/state.js +66 -41
package/dist/core/sdd/structural-health.d.ts +42 -42
package/dist/core/sdd/types.d.ts +33 -7
package/dist/core/sdd/types.js +17 -0
package/dist/core/sdd/upgrade-to-codesdd.d.ts +45 -0
package/dist/core/sdd/upgrade-to-codesdd.js +179 -0
package/dist/core/sdd/workspace-schemas.d.ts +285 -14
package/dist/core/sdd/workspace-schemas.js +148 -0
package/dist/core/sdd/write-manifest.js +22 -4
package/dist/core/shared/skill-generation.d.ts +1 -1
package/dist/core/shared/skill-generation.js +15 -15
package/dist/core/shared/tool-detection.d.ts +3 -3
package/dist/core/shared/tool-detection.js +14 -14
package/dist/core/specs-apply.js +6 -6
package/dist/core/templates/index.d.ts +1 -1
package/dist/core/templates/index.js +1 -1
package/dist/core/templates/workflows/apply-change.js +14 -14
package/dist/core/templates/workflows/archive-change.js +32 -32
package/dist/core/templates/workflows/bulk-archive-change.js +25 -25
package/dist/core/templates/workflows/continue-change.js +12 -12
package/dist/core/templates/workflows/explore.js +29 -29
package/dist/core/templates/workflows/feedback.js +6 -6
package/dist/core/templates/workflows/ff-change.js +24 -24
package/dist/core/templates/workflows/new-change.js +20 -20
package/dist/core/templates/workflows/onboard.js +33 -33
package/dist/core/templates/workflows/propose.js +23 -23
package/dist/core/templates/workflows/sdd.js +8 -8
package/dist/core/templates/workflows/sync-specs.js +19 -19
package/dist/core/templates/workflows/verify-change.js +17 -17
package/dist/core/update.d.ts +2 -2
package/dist/core/update.js +16 -15
package/dist/core/validation/constants.d.ts +1 -1
package/dist/core/validation/constants.js +1 -1
package/dist/core/view.js +11 -11
package/dist/telemetry/config.d.ts +2 -1
package/dist/telemetry/config.js +17 -8
package/dist/telemetry/index.d.ts +10 -2
package/dist/telemetry/index.js +40 -7
package/dist/ui/ascii-patterns.d.ts +2 -2
package/dist/ui/ascii-patterns.js +2 -2
package/dist/ui/welcome-screen.js +2 -2
package/dist/utils/change-metadata.d.ts +4 -4
package/dist/utils/change-metadata.js +6 -6
package/dist/utils/change-utils.d.ts +3 -3
package/dist/utils/change-utils.js +5 -5
package/dist/utils/file-system.js +1 -1
package/dist/utils/interactive.js +1 -1
package/dist/utils/item-discovery.js +4 -4
package/dist/utils/legacy-spec-compat.d.ts +2 -0
package/dist/utils/legacy-spec-compat.js +2 -0
package/dist/utils/shell-detection.d.ts +1 -0
package/dist/utils/shell-detection.js +16 -0
package/package.json +27 -17
package/schemas/sdd/1-spec.schema.json +1 -1
package/schemas/sdd/2-plan.schema.json +73 -1
package/schemas/sdd/3-tasks.schema.json +73 -1
package/schemas/sdd/4-changelog.schema.json +1 -1
package/schemas/sdd/5-quality.schema.json +442 -2
package/schemas/sdd/adr.schema.json +148 -0
package/schemas/sdd/agent-binding-adapter.schema.json +210 -0
package/schemas/sdd/agent-binding-resolution.schema.json +338 -0
package/schemas/sdd/backlog-projection-plan.schema.json +180 -0
package/schemas/sdd/backlog-provider-contract.schema.json +260 -0
package/schemas/sdd/codesdd-plugin.schema.json +474 -0
package/schemas/sdd/debate.schema.json +244 -0
package/schemas/sdd/deepagent-decision-evidence.schema.json +58 -0
package/schemas/sdd/deepagent-env-contract.schema.json +143 -0
package/schemas/sdd/deepagent-quality-evidence.schema.json +108 -0
package/schemas/sdd/deepagent-run-evidence.schema.json +192 -0
package/schemas/sdd/deepagent-run-plan.schema.json +197 -0
package/schemas/sdd/deepagent-run-request.schema.json +321 -0
package/schemas/sdd/deepagent-subagent-evidence.schema.json +110 -0
package/schemas/sdd/deepagent-tool-call-evidence.schema.json +78 -0
package/schemas/sdd/discarded.schema.json +127 -0
package/schemas/sdd/epic.schema.json +147 -0
package/schemas/sdd/insight.schema.json +136 -0
package/schemas/sdd/parallel-feat-automation-plan.schema.json +215 -0
package/schemas/sdd/parallel-feat-automation-request.schema.json +109 -0
package/schemas/sdd/plugin-artifact-manifest.schema.json +150 -0
package/schemas/sdd/plugin-compliance-index.schema.json +136 -0
package/schemas/sdd/plugin-dry-run-plan.schema.json +260 -0
package/schemas/sdd/plugin-evidence-manifest.schema.json +569 -0
package/schemas/sdd/plugin-policy-evaluation.schema.json +92 -0
package/schemas/sdd/plugin-policy-pack-evaluation.schema.json +94 -0
package/schemas/sdd/plugin-policy-pack.schema.json +196 -0
package/schemas/sdd/plugin-registry.schema.json +558 -0
package/schemas/sdd/plugin-rollback-manifest.schema.json +87 -0
package/schemas/sdd/plugin-runtime-invocation-plan.schema.json +845 -0
package/schemas/sdd/plugin-skill-binding-resolution.schema.json +305 -0
package/schemas/sdd/plugin-skill-binding.schema.json +88 -0
package/schemas/sdd/plugin-validation-manifest.schema.json +123 -0
package/schemas/sdd/quality-architecture-schema.schema.json +216 -0
package/schemas/sdd/quality-evidence-bundle.schema.json +1228 -0
package/schemas/sdd/quality-run.schema.json +197 -0
package/schemas/sdd/quality-scenario.schema.json +252 -0
package/schemas/sdd/workspace-catalog.schema.json +9841 -22
package/schemas/spec-driven/schema.yaml +4 -4
package/schemas/spec-driven/templates/proposal.md +1 -1
package/dist/utils/openspec-compat.d.ts +0 -2
package/dist/utils/openspec-compat.js +0 -2

package/schemas/sdd/plugin-policy-pack-evaluation.schema.json ADDED Viewed

@@ -0,0 +1,94 @@
+{
+  "$schema": "https://json-schema.org/draft/2020-12/schema",
+  "type": "object",
+  "properties": {
+    "schema_version": {
+      "type": "number",
+      "const": 1
+    },
+    "plugin_ref": {
+      "type": "object",
+      "properties": {
+        "id": {
+          "type": "string",
+          "minLength": 1
+        },
+        "version": {
+          "type": "string",
+          "minLength": 1
+        }
+      },
+      "required": [
+        "id",
+        "version"
+      ],
+      "additionalProperties": false
+    },
+    "decision": {
+      "type": "string",
+      "enum": [
+        "allow",
+        "warn",
+        "deny"
+      ]
+    },
+    "declared_policy_packs": {
+      "default": [],
+      "type": "array",
+      "items": {
+        "type": "string"
+      }
+    },
+    "applied_policy_packs": {
+      "default": [],
+      "type": "array",
+      "items": {
+        "type": "string"
+      }
+    },
+    "issues": {
+      "default": [],
+      "type": "array",
+      "items": {
+        "type": "object",
+        "properties": {
+          "code": {
+            "type": "string",
+            "minLength": 1
+          },
+          "severity": {
+            "type": "string",
+            "enum": [
+              "deny",
+              "warn"
+            ]
+          },
+          "message": {
+            "type": "string",
+            "minLength": 1
+          },
+          "policy_pack": {
+            "type": "string"
+          }
+        },
+        "required": [
+          "code",
+          "severity",
+          "message"
+        ],
+        "additionalProperties": false
+      }
+    }
+  },
+  "required": [
+    "schema_version",
+    "plugin_ref",
+    "decision",
+    "declared_policy_packs",
+    "applied_policy_packs",
+    "issues"
+  ],
+  "additionalProperties": false,
+  "title": "CodeSDD Plugin Policy Pack Evaluation",
+  "description": "Machine-readable policy pack evaluation result for a CodeSDD enterprise plugin manifest."
+}

package/schemas/sdd/plugin-policy-pack.schema.json ADDED Viewed

@@ -0,0 +1,196 @@
+{
+  "$schema": "https://json-schema.org/draft/2020-12/schema",
+  "type": "object",
+  "properties": {
+    "id": {
+      "type": "string",
+      "pattern": "^[a-z][a-z0-9-]*$"
+    },
+    "version": {
+      "type": "string",
+      "pattern": "^\\d+\\.\\d+\\.\\d+(?:[-+][0-9A-Za-z.-]+)?$"
+    },
+    "description": {
+      "type": "string",
+      "minLength": 20
+    },
+    "applies_to": {
+      "default": {
+        "trust_tiers": [
+          "enterprise-approved"
+        ]
+      },
+      "type": "object",
+      "properties": {
+        "trust_tiers": {
+          "default": [
+            "enterprise-approved"
+          ],
+          "type": "array",
+          "items": {
+            "type": "string",
+            "enum": [
+              "local-dev",
+              "experimental",
+              "enterprise-approved",
+              "blocked"
+            ]
+          }
+        }
+      },
+      "required": [
+        "trust_tiers"
+      ],
+      "additionalProperties": false
+    },
+    "requirements": {
+      "default": {
+        "max_risk_tier": "medium",
+        "supply_chain": {
+          "checksum": false,
+          "signature_or_provenance": false,
+          "sbom": false,
+          "sbom_formats": []
+        },
+        "validation": {
+          "min_coverage": 0,
+          "security_checks": [],
+          "dependency_checks": []
+        },
+        "execution": {}
+      },
+      "type": "object",
+      "properties": {
+        "max_risk_tier": {
+          "default": "medium",
+          "type": "string",
+          "enum": [
+            "low",
+            "medium",
+            "high",
+            "critical"
+          ]
+        },
+        "supply_chain": {
+          "default": {
+            "checksum": false,
+            "signature_or_provenance": false,
+            "sbom": false,
+            "sbom_formats": []
+          },
+          "type": "object",
+          "properties": {
+            "checksum": {
+              "default": false,
+              "type": "boolean"
+            },
+            "signature_or_provenance": {
+              "default": false,
+              "type": "boolean"
+            },
+            "sbom": {
+              "default": false,
+              "type": "boolean"
+            },
+            "sbom_formats": {
+              "default": [],
+              "type": "array",
+              "items": {
+                "type": "string",
+                "enum": [
+                  "cyclonedx",
+                  "spdx",
+                  "custom"
+                ]
+              }
+            }
+          },
+          "required": [
+            "checksum",
+            "signature_or_provenance",
+            "sbom",
+            "sbom_formats"
+          ],
+          "additionalProperties": false
+        },
+        "validation": {
+          "default": {
+            "min_coverage": 0,
+            "security_checks": [],
+            "dependency_checks": []
+          },
+          "type": "object",
+          "properties": {
+            "min_coverage": {
+              "default": 0,
+              "type": "number",
+              "minimum": 0,
+              "maximum": 100
+            },
+            "security_checks": {
+              "default": [],
+              "type": "array",
+              "items": {
+                "type": "string",
+                "minLength": 1
+              }
+            },
+            "dependency_checks": {
+              "default": [],
+              "type": "array",
+              "items": {
+                "type": "string",
+                "minLength": 1
+              }
+            }
+          },
+          "required": [
+            "min_coverage",
+            "security_checks",
+            "dependency_checks"
+          ],
+          "additionalProperties": false
+        },
+        "execution": {
+          "default": {},
+          "type": "object",
+          "properties": {
+            "network": {
+              "type": "string",
+              "enum": [
+                "disabled",
+                "restricted",
+                "enabled"
+              ]
+            },
+            "process_spawn": {
+              "type": "string",
+              "enum": [
+                "forbidden",
+                "declared"
+              ]
+            }
+          },
+          "additionalProperties": false
+        }
+      },
+      "required": [
+        "max_risk_tier",
+        "supply_chain",
+        "validation",
+        "execution"
+      ],
+      "additionalProperties": false
+    }
+  },
+  "required": [
+    "id",
+    "version",
+    "description",
+    "applies_to",
+    "requirements"
+  ],
+  "additionalProperties": false,
+  "title": "CodeSDD Plugin Policy Pack",
+  "description": "Machine-readable enterprise policy pack contract for plugin supply-chain, dependency, security, and execution governance."
+}